Apparently, the final release of Pisi Linux 2.0 will be ready quite soon. As far as I can tell, the devs are working on its documentation and polishing some rough edges. They also have made a set of banners for those who want to help spread the word. I like this one:
Of course there are many others here in case you'd like to add one to your blog or site.
martes, 22 de marzo de 2016
lunes, 21 de marzo de 2016
Security: antiX 15.1 and MX-15 Devs Now Sign their ISO Files
After the hacking of Linux Mint's site, other Linux developers have been thinking about an extra layer of security to ensure that what the end user downloads is actually what the original developers uploaded.
In the case of antiX and MX-15, this new security layer has taken the shape of signed ISO files. This way, users can verify if their downloads are the real ones of if they have been tampered somehow.
This represents a little more complication for the end user, of course. He or she will have to import the signature and then check that the ISO file matches that signature. That, in turn will translate in seeing messages like:
Good signature from "aaaaaaa"
WARNING: This key is not certified with a trusted signature!
There is no indication that the signature belongs to the owner.
This will disturb some, of course. I can almost hear some people complaining that this is too complicated and that the messages are annoying or scary. They may even argue that devs shouldn't bother users so much with their inconvenient ideas.
I guess they are the kind of people that will leave their cars open and already started, the front doors of their houses unlocked, and their children unattended because doing all that is extremely inconvenient.
Security and comfort don't seem to go side by side all the time.
In the case of antiX and MX-15, this new security layer has taken the shape of signed ISO files. This way, users can verify if their downloads are the real ones of if they have been tampered somehow.
This represents a little more complication for the end user, of course. He or she will have to import the signature and then check that the ISO file matches that signature. That, in turn will translate in seeing messages like:
Good signature from "aaaaaaa"
WARNING: This key is not certified with a trusted signature!
There is no indication that the signature belongs to the owner.
This will disturb some, of course. I can almost hear some people complaining that this is too complicated and that the messages are annoying or scary. They may even argue that devs shouldn't bother users so much with their inconvenient ideas.
I guess they are the kind of people that will leave their cars open and already started, the front doors of their houses unlocked, and their children unattended because doing all that is extremely inconvenient.
Security and comfort don't seem to go side by side all the time.
Etiquetas:
downloads,
ISO,
MX,
MX-Snapshot,
security,
Signed Files
Suscribirse a:
Entradas (Atom)